Driving the increase was a 59 per cent rise in the number of phishing incidents, in which a record 18,000 malicious URLs were detected by the organisation.
Alex Chan Chung-man, general manager of HKCERT’s digital transformation division, said there had been a rise in hackers using advanced tools including AI-generated deepfake impersonations and malware that were harder to detect.
“We can see the hackers getting more advanced and sophisticated,” Chan said.
Starting from May, the watchdog said it had been using a large language AI model to trawl through website domain names to detect potential phishing sites, which could then be reported or taken down.
In May alone, the AI tool was able analyse more than 3.7 million websites, increasing the watchdog’s processing capabilities by over a thousand times.
Phishing websites successfully detected by the tool include those imitating popular Japanese e-commerce site Rakuten and social media platforms such as WhatsApp and Facebook.
In addition, AI was also being used to help improve HKCERT’s cybersecurity alert system.
The AI tool would analyse the threat intelligence gathered by HKCERT for trends in phishing, malware and botnet attacks specific to Hong Kong.
It could then generate security alerts for the watchdog’s website following an evaluation by staff.
Chan said this had increased the watchdog’s intelligence analysis efficiency by 80 per cent.
“For threat intelligence, you need to analyse a lot of data,” Chan said. “If we use AI … we can issue more precise alerts for Hong Kong [residents].”
A string of high-profile data breaches earlier this year involving both private businesses and government departments have renewed calls for the city to step up its cybersecurity efforts.
Earlier this month, it was revealed that 41 residents had lost HK$12 million (US$1.54 million) in a malware scam run by a suspected Malaysia-based syndicate.
In less than a week at the start of May, it was revealed that the personal data of more than 130,000 people had been leaked in separate breaches affecting the Fire Services Department, Companies Registry and Electrical and Mechanical Services Department.
The back-to-back data breaches prompted the Office of the Government Chief Information Officer – the government’s top information technology unit – to ask all bureaus and departments to review their computer security.
Jewellery chain Luk Fook Holdings and the Hong Kong College of Technology were also targeted in cyberattacks later that same month.
IT experts have appealed to the government to draw up policies to centralise cybersecurity protection for all departments and associated organisations in a bid to cut the risk of more breaches.
Chief Executive John Lee Ka-chiu announced in his 2023 policy address that the government would introduce new legislation this year to enhance the protection of cybersecurity of critical infrastructure.
link